Lucene search
K

69 matches found

Cvelist
Cvelist
added 2023/01/29 5:30 p.m.21 views

CVE-2023-0571 SourceCodester Canteen Management System Add Customer createcustomer.php cross site scripting

A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file createcustomer.php of the component Add Customer. The manipulation of the argument name leads to cross site scripting. The attack can b...

4CVSS5.6AI score0.00613EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.5 views

WordPress plugin Amelia 跨站脚本漏洞

WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is an application plugin for WordPress. WordPress Amelia Plugin 1.0.46 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the program's failure t...

7.2CVSS5.5AI score0.00519EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/03/23 12:0 a.m.4 views

PT-2022-13458 · WordPress · Amelia

Name of the Vulnerable Software and Affected Versions: Amelia WordPress plugin versions up to and including 1.0.46 Description: The issue arises from insufficient escaping and sanitization of the lastName parameter in the /src/Application/Controller/User/Customer/AddCustomerController.php file...

7.2CVSS5.7AI score0.00519EPSS
Exploits0References5
NVD
NVD
added 2012/12/28 11:48 a.m.20 views

CVE-2012-4932

Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...

4.3CVSS5.7AI score0.01319EPSS
Exploits2References1
Prion
Prion
added 2012/12/28 11:48 a.m.22 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...

4.3CVSS6AI score0.01319EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2012/12/28 11:0 a.m.24 views

CVE-2012-4932

Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...

5.7AI score0.01319EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2009/12/23 6:30 p.m.25 views

CVE-2009-3581

Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...

3.5CVSS5.9AI score0.00861EPSS
Exploits2References1
OSV
OSV
added 2009/12/23 6:30 p.m.35 views

UBUNTU-CVE-2009-3581

Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...

3.5CVSS5.8AI score0.00861EPSS
Exploits2References2
Cvelist
Cvelist
added 2009/12/23 6:0 p.m.41 views

CVE-2009-3581

Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...

5.3AI score0.00861EPSS
Exploits2References4
Rows per page
Query Builder